[PATCH] x86/bugs: Explicitly clear speculative MSR bits

Mon Nov 21 14:20:31 PST 2022

On Sun, Nov 20, 2022 at 12:02:55PM +0000, Breno Leitao wrote:
>Currently x86_spec_ctrl_base is read at boot time, and speculative bits
>are set if configs are enable, such as MSR[SPEC_CTRL_IBRS] is enabled if
>CONFIG_CPU_IBRS_ENTRY is configured. These MSR bits are not cleared if
>the CONFIGs are not set.

Also when the CONFIGs are set but the mitigations are disabled at
runtime e.g. using mitigations=off parameter.

>This is a problem when kexec-ing a kernel that has the mitigation
>disabled, from a kernel that has the mitigation enabled. In this case,
>the MSR bits are carried forward and not cleared at the boot of the new
>kernel. This might have some performance degradation that is hard to
>find.
>
>This problem does not happen if the machine is (hard) rebooted, because
>the bit will be cleared by default.
>
>This patch also defines a SPEC_CTRL_MASK macro, so, we can easily track
>and clear if eventually some new mitigation show up.
>
>Suggested-by: Pawan Gupta <pawan.kumar.gupta at linux.intel.com>
>Signed-off-by: Breno Leitao <leitao at debian.org>
>---
> arch/x86/include/asm/msr-index.h |  3 +++
> arch/x86/kernel/cpu/bugs.c       | 10 +++++++++-
> 2 files changed, 12 insertions(+), 1 deletion(-)
>
>diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
>index 10ac52705892..672de926281e 100644
>--- a/arch/x86/include/asm/msr-index.h
>+++ b/arch/x86/include/asm/msr-index.h
>@@ -54,6 +54,9 @@
> #define SPEC_CTRL_RRSBA_DIS_S_SHIFT	6	   /* Disable RRSBA behavior */
> #define SPEC_CTRL_RRSBA_DIS_S		BIT(SPEC_CTRL_RRSBA_DIS_S_SHIFT)
>
>+#define SPEC_CTRL_MASK			(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP | SPEC_CTRL_SSBD \
>+							| SPEC_CTRL_RRSBA_DIS_S)
>+
> #define MSR_IA32_PRED_CMD		0x00000049 /* Prediction Command */
> #define PRED_CMD_IBPB			BIT(0)	   /* Indirect Branch Prediction Barrier */
>
>diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
>index 3e3230cccaa7..970b277d02a6 100644
>--- a/arch/x86/kernel/cpu/bugs.c
>+++ b/arch/x86/kernel/cpu/bugs.c
>@@ -137,8 +137,16 @@ void __init check_bugs(void)
> 	 * have unknown values. AMD64_LS_CFG MSR is cached in the early AMD
> 	 * init code as it is not enumerated and depends on the family.
> 	 */
>-	if (boot_cpu_has(X86_FEATURE_MSR_SPEC_CTRL))
>+	if (boot_cpu_has(X86_FEATURE_MSR_SPEC_CTRL)) {
> 		rdmsrl(MSR_IA32_SPEC_CTRL, x86_spec_ctrl_base);
>+		/*
>+		 * Previously running software may have some controls turned ON.
>+		 * Clear them and let kernel decide which controls to use.
>+		 */
>+		x86_spec_ctrl_base &= ~SPEC_CTRL_MASK;
>+		wrmsrl(MSR_IA32_SPEC_CTRL, x86_spec_ctrl_base);
>+	}
>+

Nit, extra newline.